January 22-23, 2024 — 8.3 Release Notes¶

Network rules — General Availability¶

With this release, we are pleased to announce the general availability of network rules, which group related network identifiers into logical units. When a Snowflake feature needs to restrict network traffic based on the origin or destination of a request, it can allow or block a network rule that contains the identifiers that should be permitted or denied.

Network rules make possible the following features:

• Enhanced network security using network policies. All new network policies should use network rules.

• External network access.

This release includes a new Snowsight page for network policies, which includes the ability to manage the lifecycle of a network rule. Using SQL to work with network rules is generally available, but this new Snowsight page is a Preview feature.

Enhanced network security — General Availability¶

With this release, we are pleased to announce the general availability of enhanced security when using network policies to restrict access to Snowflake. When combined with network rules, network policies can now restrict access based on the identifier of an AWS S3 endpoint or Azure private endpoint.

Network isolation to internal stages using AWS PrivateLink — General Availability¶

With this release, we are pleased to announce the general availability of the ability to isolate network traffic to Snowflake internal stages when connecting to them over AWS PrivateLink for Amazon S3. Snowflake recommends this approach for organizations that use AWS PrivateLink to access the internal stages of multiple Snowflake accounts.

Benefits of isolating private connectivity traffic include:

• Simplified DNS management.

• Support for charging back costs to a specific Snowflake account.

• Support for implementing different security requirements for each Snowflake account.

For more details, see Accessing Internal stages with dedicated interface endpoints.